Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/DrIAD8KRtYBn_rpUClZohDR0QqA.roa
File: DrIAD8KRtYBn_rpUClZohDR0QqA.roa (raw, json)
Hash identifier: wh1G0PHj2XMsEvEBxTEqfGvX+sIQ/TPoQA6TUhuH9qk=
Subject key identifier: 0E:B2:00:0F:C2:91:B5:80:67:FE:BA:54:0A:56:68:84:34:74:42:A0
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018CD374FAFE4CC1B3D887EAE081F137A5C1
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/DrIAD8KRtYBn_rpUClZohDR0QqA.roa
Signing time: Thu 04 Jan 2024 07:51:48 +0000
ROA not before: Thu 04 Jan 2024 07:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.255.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
194.146.92.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.149.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
45.155.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 07:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:74:fa:fe:4c:c1:b3:d8:87:ea:e0:81:f1:37:a5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 4 07:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0eb2000fc291b58067feba540a566884347442a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c1:64:50:df:c1:14:d8:b0:70:12:b3:dc:5d:
7a:2b:2e:9c:46:0d:60:6e:ce:ea:39:41:3a:3d:43:
0a:b9:73:30:04:e4:4e:71:f8:95:86:c2:31:1c:c2:
88:a5:94:df:c8:51:3b:dd:12:e1:72:a4:b0:54:45:
33:66:cc:9c:eb:8b:fc:1b:d1:92:69:6b:15:6c:9d:
d5:f5:00:6c:6a:f5:de:5d:55:a0:ff:87:a3:49:7a:
bb:75:23:b5:2f:e3:5f:65:0b:82:bb:8d:c7:15:b4:
88:ae:ab:d3:ea:cd:e1:f3:c6:a0:82:c1:4f:bd:97:
3d:04:a3:6c:97:0e:3e:57:80:55:65:87:8f:54:e0:
1a:fe:c7:42:21:55:35:31:18:2e:b3:eb:ab:be:68:
5b:41:9a:c4:6b:c6:d1:50:6f:ad:c3:ce:29:66:c0:
f3:f2:22:b4:3a:36:93:0e:a3:a0:b9:50:a2:b1:a9:
bd:ba:ff:80:a8:ea:e0:83:8f:0d:2a:3c:15:3f:77:
06:83:c7:5c:31:1d:1e:66:04:ca:1b:cd:da:b4:37:
6c:69:bd:91:a7:4a:35:34:47:97:9f:f9:f8:4e:c2:
94:01:b6:82:12:0e:de:2a:4d:b3:ea:99:b2:61:83:
55:cf:6b:b7:88:83:c9:1a:28:c4:d5:06:79:1f:96:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B2:00:0F:C2:91:B5:80:67:FE:BA:54:0A:56:68:84:34:74:42:A0
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/DrIAD8KRtYBn_rpUClZohDR0QqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.252.0/24
45.155.255.0/24
176.125.251.0/24
185.199.149.0/24
185.199.151.0/24
185.199.213.0/24
194.146.92.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:57:87:8d:a3:81:ea:fd:69:3a:60:09:b9:e6:4d:7c:60:66:
23:2f:a8:61:35:e6:4f:f0:a8:f6:ac:b7:ed:80:48:18:90:96:
f6:2a:da:2e:c2:ea:b7:eb:50:78:63:fb:5c:89:80:1a:d0:03:
25:75:8e:dd:f4:4c:9b:b1:2e:27:e4:a1:b1:44:dc:38:ee:2e:
5c:89:72:d0:b1:5a:4e:63:1b:c6:23:e3:08:10:86:e3:5c:ba:
d8:a6:e8:b9:0c:c6:c7:cf:7c:0a:01:16:3a:bf:a2:78:93:74:
42:3a:5b:fc:d3:1d:e8:c4:79:d7:88:65:bb:10:42:3d:1a:58:
a6:fd:d7:1c:01:2f:05:be:54:c2:6e:fc:9c:69:be:6c:c3:5a:
c6:3e:04:a7:ed:f4:cc:fe:8b:1a:af:69:89:65:30:4c:b3:ee:
eb:65:e5:f6:a5:14:dd:ae:b9:38:76:ac:41:79:0f:a0:e6:d2:
8c:81:bb:29:f1:fe:1e:d5:3d:1e:89:7a:ee:87:48:34:e3:2b:
5c:7f:55:aa:95:7d:96:21:5b:e4:ce:f3:13:85:d1:f3:04:74:
ee:d6:9c:8b:c1:9c:43:92:1a:3a:3c:40:bd:45:2d:ae:cd:ce:
57:19:09:91:f5:c0:76:95:c7:91:87:4b:8e:b2:4f:f3:fa:ed:
c0:dd:9a:db
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzTdPr+TMGz2Ifq4IHxN6XBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTA0MDc1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWIyMDAwZmMyOTFiNTgwNjdmZWJhNTQwYTU2Njg4NDM0NzQ0MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8FkUN/BFNiwcBKz3F16Ky6cRg1g
bs7qOUE6PUMKuXMwBOROcfiVhsIxHMKIpZTfyFE73RLhcqSwVEUzZsyc64v8G9GS
aWsVbJ3V9QBsavXeXVWg/4ejSXq7dSO1L+NfZQuCu43HFbSIrqvT6s3h88aggsFP
vZc9BKNslw4+V4BVZYePVOAa/sdCIVU1MRgus+urvmhbQZrEa8bRUG+tw84pZsDz
8iK0OjaTDqOguVCisam9uv+AqOrgg48NKjwVP3cGg8dcMR0eZgTKG83atDdsab2R
p0o1NEeXn/n4TsKUAbaCEg7eKk2z6pmyYYNVz2u3iIPJGijE1QZ5H5aZIQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA6yAA/CkbWAZ/66VApWaIQ0dEKgMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvRHJJQUQ4S1J0WUJuX3JwVUNsWm9oRFIwUXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZv8AwQA
LZv/AwQAsH37AwQAuceVAwQAuceXAwQAucfVAwQAwpJcMA0GCSqGSIb3DQEBCwUA
A4IBAQDLV4eNo4Hq/Wk6YAm55k18YGYjL6hhNeZP8Kj2rLftgEgYkJb2Ktouwuq3
61B4Y/tciYAa0AMldY7d9EybsS4n5KGxRNw47i5ciXLQsVpOYxvGI+MIEIbjXLrY
pui5DMbHz3wKARY6v6J4k3RCOlv80x3oxHnXiGW7EEI9Glim/dccAS8FvlTCbvyc
ab5sw1rGPgSn7fTM/osar2mJZTBMs+7rZeX2pRTdrrk4dqxBeQ+g5tKMgbsp8f4e
1T0eiXruh0g04ytcf1WqlX2WIVvkzvMThdHzBHTu1pyLwZxDkho6PEC9RS2uzc5X
GQmR9cB2lceRh0uOsk/z+u3A3Zrb
-----END CERTIFICATE-----
Generated at Mon Apr 28 07:21:45 2025 by rpki-client